RESTED icon indicating copy to clipboard operation
RESTED copied to clipboard

Published 20 hours ago verified publisher icon RESTEDClient

Origin header for CORS

Open bsozin opened this issue 7 years ago • 1 comments

Trying to play with rest api using RESTED in firefox.

Server tells me 403 Forbidden: Responding with 403 status code due to failed CSRF check: request's "Origin" header value "moz-extension://306828c6-2667-4649-a88d-296116e4bda7" does not match Host/X-Forwarded-Host header values or server's CORS-trusted hosts, consider adding "Origin: http://localhost:8111" header.

However, when I'm trying to set Origin to http://localhost:8111 RESTED keep sending moz-extension://...

Other headers seems to be passable. What's wrong with Origin?

bsozin avatar Aug 28 '18 09:08 bsozin

I see related issue #115 but it is quite old. Any updates?

bsozin avatar Aug 28 '18 09:08 bsozin